1-output 2-party secure function evaluation in a malicious setting, via a cut and choose of garbled circuits



  • 10:00, Tuesday, October 2nd, 2012
  • Room 336, INESC-ID


  • Luís Brandão, University of Lisbon, Faculty of Sciences (Portugal) and Carnegie Mellon University (USA)


2-party secure function evaluation protocols allow two parties (PA and PB) to compute a function of their combined input, while maintaining the inputs private. If a party is malicious, it may deviate from the protocol specification, trying to gain illegitimate knowledge about the input of the other party (breach privacy) or to corrupt the output of the other party (breach correctness). This introductory presentation will overview a solution approach to 1-output 2p-SFE (where only PB learns an output), based on garbled circuits (a cryptographic version of Boolean circuits) and a cut and choose approach, and highlight some subtle security issues. The presentation hides most mathematical details and its understanding should not require background knowledge in the area.